Artillery Combine Honeypot Monitoring and Prevention

Dave (ReL1K) Kennedy author of The Social-Engineering Toolkit (SET) have released last December another interesting tool written in python that helps to protect *nix based system with a combination of honeypot , monitoring and prevention systems.

Honeypot is a good way to trick attacker by simulating a vulnerable system to attract hacker or a malicious user to launch their attack, Here Artillery will create several vulnerable ports on the *nix system and if anything unusual detected including a scan or attack it will automatically blacklist them.

Artillery can also be used to prevent brute force attack, so you will not need to install any other security solution if you are running SSH. This is for *nix user now you can find also a windows version that will also create a fake vulnerable ports on windows system and will ban any attack detected. The release note for this version includes the following:

added a check to see if we are running on windows or linux

added a new anti-dos protection for linux, it will check connections and limit based on how many are connecting, you will probably want to adjust this per server